Multiple vulnerabilities in Apple iOS

Published: 2018-12-06 11:26:54
Severity High
Patch available YES
Number of vulnerabilities 20
CVE ID CVE-2018-4303
CVE-2018-4465
CVE-2018-4447
CVE-2018-4461
CVE-2018-4430
CVE-2018-4446
CVE-2018-4460
CVE-2018-4431
CVE-2018-4435
CVE-2018-4429
CVE-2018-4439
CVE-2018-4436
CVE-2018-4440
CVE-2018-4445
CVE-2018-4441
CVE-2018-4442
CVE-2018-4443
CVE-2018-4438
CVE-2018-4437
CVE-2018-4464
CVSSv3 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
7.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
7.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
7.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
2.9 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
2.9 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
4.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
4.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
4.6 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
4.6 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
4.6 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
3.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
6.4 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CWE ID CWE-843
CWE-119
CWE-200
CWE-264
CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software Apple iOS
Vulnerable software versions Apple iOS 12.1
Apple iOS 12.0
Apple iOS 12.0.1
Vendor URL Apple Inc.

Security Advisory

1) Type confusion

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to type confusion in the Airport component. A local attacker can run a specially crafted application, trigger memory corruption and gain elevated privileges.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

2) Memory corruption

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error in the Disk Images component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

3) Memory corruption

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error in the Kernel component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with kernel privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

4) Memory corruption

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error in the Kernel component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with kernel privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

5) Information disclosure

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an error in the FaceTime component. A local attacker can trigger a state management error and access to contacts on a locked device.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

6) Information disclosure

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to an error in the File Provider component. A local attacker can run a specially crafted application and learn information about the presence of other applications on the device.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

7) Denial of service

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the Kernel component. A local attacker can conduct DoS attack and cause the device to crash.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

8) Information disclosure

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to a boundary error in the Kernel component. A local attacker can trigger memory corruption and read kernel memory.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

9) Privilege escalation

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to a logic issue in the Kernel component. A local attacker can run a specially crafted application and gain elevated privileges.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

10) Spoofing attack

Description

The vulnerability allows a remote attacker to conduct spoofing attack on the target system.

The weakness exists due to insufficient validation of user-supplied input in the LinkPresentation component. A remote attacker can send a specially crafted mail message and spoof UI.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

11) Spoofing attack

Description

The vulnerability allows a remote attacker to conduct spoofing attack on the target system.

The weakness exists due to insufficient validation of user-supplied input in the Safari component. A remote attacker can send a specially crafted mail message and spoof UI.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

12) Security restrictions bypass

Description

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The weakness exists due insufficient validation of certificates in the Profiles component. A local attacker can bypass security restrictions and cause an untrusted configuration profile to be incorrectly displayed as verified.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

13) Spoofing attack

Description

The vulnerability allows a remote attacker to conduct spoofing attack on the target system.

The weakness exists due to insufficient validation of user-supplied input in the Safari component. A remote attacker can trick the victim into visiting a specially crafted website, trigger state management error and spoof address bar.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

14) Security restrictions bypass

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists in the Safari component due "Clear History and Website Data" did not clear the history. A remote attacker can bypass security restrictions and prevent fully deletion of browsing history.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

15) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

16) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

17) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

18) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger state management error and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

19) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

20) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Webkit component. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 12.1.1.

External links

https://support.apple.com/en-us/HT209340

Back to List